Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
36 Cards in this Set
- Front
- Back
|
Application controls |
Controls that apply to the processing of specific computer applications and are part of the computer programs used in the accounting system. |
|
|
Computer-assisted audit techniques (CAATs) |
Computer programs that allow auditors to test computer files and databases. |
|
|
Control Activities |
The policies and procedures that help ensure that management's directives are carried out. |
|
|
Control deficiency (Ch. 6 definition) |
A deficiency in internal control exists when the design or operation of control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis. |
|
|
Control environment |
The tone of an organization, which reflects the overall attitude, awareness, and actions of the board of directors, management, and owners influencing the control consciousness of its people. |
|
|
Control Risk |
The risk that material misstatements that could occur will not be prevented, or detected and corrected, by internal controls. |
|
|
Electronic (Internet) commerce |
Business transactions between individuals and organizations that occur without paper documents, using computers and telecommunications networks. |
|
|
Electronic data interchange |
The transmission of business transactions over telecommunications networks. |
|
|
General Controls |
Controls that relate to the overall information processing environment and have a pervasive effect on the entity's computer operations. |
|
|
Internal control |
The method by which an entity's board of directors, management, and other personnel provide reasonable assurance about the achievement of objectives in the following categories: (1) reliability of financial reporting, (2) effectiveness and efficiency of operations, and (3) compliance with applicable laws and regulations. |
|
|
Material weakness |
A deficiency, or combination of deficiencies, in internal control and ICFR, such that there is a reasonable possibility that a material misstatement of the entity's annual or interim financial statements will not be prevented, or detected and corrected, on a timely basis. |
|
|
Monitoring of Controls |
A process that assesses the quality of internal control performance over time. |
|
|
Reliance Strategy |
The auditor's decision to rely on the entity's controls, test those controls, and reduce the direct tests of the financial statement accounts. |
|
|
Significant Deficiency |
A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance. |
|
|
Substantive Strategy |
The auditor's decision not to rely on the entity's controls and to audit the related financial statement accounts by relying more on substantive procedures. |
|
|
Walkthrough |
A transaction being traced by an auditor from origination through the entity's information system until it is reflected in the entity's financial reports. It encompasses the entire process of initiating, authorizing, recording, processing, and reporting individual transactions and controls for each of the significant processes identified. |
|
|
Control deficiency (Ch. 7 definition) |
A weakness in the design or operation of a control such that management or employees, in the normal course or performing their assigned functions, fail to prevent or detect misstatements on a timely basis. |
|
|
Entity-level controls |
Controls that have a pervasive effect on the entity's system of internal control such as controls related to the control environment; controls over management override; the entity's risk assessment process; centralized processing and controls, including shared service environments; controls to monitor results of operations; controls to monitor other controls; including activities of the internal audit function, the audit committee, and self-assessment programs; controls over the period-end financial reporting process; and policies that address significant business control and risk management practices. |
|
|
Internal control over financial reporting |
A process designed by, or under the supervision of, the entity's principal executive and principal financial officers, or persons performing similar functions, and effected by the entity's board of directors, management, and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP. |
|
|
Relevant Assertion |
A financial statement assertion that has a reasonable possibility of containing a misstatement or misstatements that would cause the financial statements to be materially misstated. |
|
|
Remediation |
The process of correcting a material weakness as part of management's assessment of the effectiveness of ICFR. |
|
|
Safeguarding of assets |
Those policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the entity's assets that could have a material effect on the financial statements. |
|
|
Significant account or disclosure |
This is significant if there is a reasonable possibility that the account or disclosure could contain a misstatement that, individually or when aggregated with others, has a material effect on the financial statements, considering the risks of both overstatement and understatement. |
|
|
Significant deficiency |
A deficiency, or a combination of deficiencies, in ICFR that is less severe than a material weakness yet important enough to merit attention by those responsible for oversight of the entity's financial reporting. |
|
|
Analytical Procedures |
Evaluations of financial information through analysis of plausible relationships among both financial and nonfinancial data. |
|
|
Assertions |
Expressed or implied representations by management that are reflected in the financial statement components. |
|
|
Exception |
A response that indicates a difference between information requested to be confirmed, or contained in the entity's records, and information provided by the confirming party. |
|
|
General Controls |
Controls that relate to the overall information processing environment and have a pervasive effect on the entity's computer operation. |
|
|
Lapping |
The process of covering a cash shortage by applying cash from one customer's accounts receivable against another customer's accounts receivable. |
|
|
Negative confirmation request |
A request that the confirming party respond directly to the auditor only if the confirming party disagrees with the information provided in the request. |
|
|
Nonresponse |
A failure of the confirming party to respond, or fully respond, to a positive confirmation request or a confirmation request returned undelivered. |
|
|
Positive confirmation request |
A request that the confirming party respond directly to the auditor by providing the requested information or indicating whether the confirming party agrees or disagrees with the information in the request. |
|
|
Substantive tests of controls |
Tests to detect errors or fraud in individual transactions. |
|
|
Tests of controls |
Audit procedures performed to test the operating effectiveness of controls in preventing or detecting material misstatements at the relevant assertion level. |
|
|
Tests of details of account balances and disclosures |
Tests that concentrate on the details of amounts contained in an account balance and in disclosures and related footnotes |
|
|
Blank or zero-balance (positive) confirmation |
A confirmation request on which the recipient fills in the amount or furnishes the information requested. |
